JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617

HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 25

A New Extension of the EAP-TLS Protocol

based on Quantum Cryptography
Mohamed Elboukhari, Mostafa Azizi, and Abdelmalek Azizi

Abstract—Quantum Cryptography or Quantum key distribution (QKD) is a new technique that allows the secure distribution of
a bit string, used as a key in cryptographic protocols. It solves the key distribution problem by allowing the exchange of a
cryptographic key between two remote parties with absolute security, guaranteed by the laws of quantum physics. Extensive
studies have been undertaken on quantum cryptography since it was noted that quantum computers could break public key
cryptosystems based on number theory. Now, the research progress in this field allows the implementation of QKD outside
laboratories and efforts are made to exploit this technology in the existing communication networks and so as to improve the
performance and reliability of the implemented technologies. Due to the limited coverage area, the environment of wireless local
area network (LAN) environment offers potentially a chance to let quantum key distribution (QKD) play a role in the wireless
communication. In this paper, we explore the possibility of using QKD for wireless LAN; we propose a scheme for integrating
quantum cryptography in the EAP-TLS protocol. This will contribute to enhance the security of the process of authentication.
Also, we present an example to illustrate the feasibility of our scheme’s implementation.

Index Terms— BB84 Protocol, Quanum Cryptography, Quantum Key Distribution (QKD), EAP-TLS protocol, Network Security.

——————————  ——————————

1 INTRODUCTION

U nlike traditional cryptography, which relies on the

computational difficulty of certain mathematical
functions and employs various mathematical
techniques to restrict eavesdroppers from learning the
contents of encrypted messages, Quantum Cryptography
is focused on the physics of information. The strength of a
given cryptosystem of conventional cryptography is
based essentially on the secrecy of its private key and the
difficulty with which the inverse of its one-way
function(s) can be calculated. There is however no
mathematical proof that will establish whether it is not
possible to find the inverse of a given one-way function.
So, traditional cryptography cannot provide guarantee of
key security. Quantum Cryptography, on the contrary, is
a method for sharing secret keys, whose security can be
formally demonstrated. Classical cryptography also
cannot provide any indication of eavesdropping.
Quantum Cryptography has a unique and important
property; it is the ability of the two communicating users
(say Alice and Bob) to detect the presence of any third
party (say Eve) trying to gain knowledge of the key. What
and how the eavesdropper can intercept and measure
depend exclusively on the laws of quantum physics.
Using quantum phenomena, we can design and
implement a communication system that can always
detect eavesdropping.
The idea of Quantum Cryptography did not attract
————————————————
 M.Elboukhari is with the dept. of Mathematics & Computer Science,
University Mohamed First, Oujda, Morocco.
 M.Azizi is with the dept. Applied Engineering, ESTO, University
Mohamed First, Oujda, Morocco.
 A.Azizi with the Academy Hassan II of Sciences & Technology, Rabat, protocol, which we use in the integration, will be
Morocco.
much attention at first. Since the 1990s, research efforts
have increased when it was proved that quantum
computers could break the public-key cryptosystems
commonly used in modern cryptography and when it is
proved that Quantum Cryptography is secure against
quantum computer attacks. Also, a more interest has been
generated after the first practical demonstration over 30
cm of free space employing polarization coding [1].
Actually, a hot issue of research is to exploit the QKD
technology in the existing networks to achieve highest
degree of security. The purpose of practically realizing
the Quantum Cryptography is to find ways to establish a
QKD network. The wireless Local Area Networks (LANs)
have many interests relating to the use of quantum
cryptography. Firstly, the limited coverage of wireless
LANs is suitable to implement QKD because Quantum
Cryptography is actually experimented over tens of
kilometers. Secondly, Wireless LANs are usually used to
provide Internet access; this type of application is critical
from a network security point of view because users can
realize e-commerce or banking transactions via the
Internet. These applications need a very strong security
that Quantum Key Distribution can offer.
In this article, we treat the task of integrating QKD in
wireless LANs; we have proposed a method of
integrating QKD in the EAP-TLS authentication protocol.
Using BB84 protocol, we defined an extended EAP-TLS
conversation which enhances the security of the EAP-TLS
authentication protocol as it has described in [2].
The organization of the remainder of our paper is as
follows. We present the related works in section 2. In
section3, we describe the EAP-TLS protocol. The BB84
described in section 4. In section 5, we present our novel
extension of EAP-TLS conversation integrating the
mechanism of QKD to improve the security of the EAP-
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
TLS protocol. We introduce also an example to show the
possible applicability of our new scheme EAP-TLS
protocol. Finally, in section 6 we conclude the paper.
2 DESCRIPTION OF RELATED WORKS
Quantum Key Distribution is a point to point secure key
generation technology which provides unconditional
security. Actually, a new innovative approach is studying
by researchers with the main goal to exploit the security
of Quantum Cryptography for a large scale practical
communication. Indeed, the practical realization of QKD
opened new research in the area of secure QKD
networking. There are some approaches and models for
the utilization of Quantum Cryptography to secure
communications.
One approach is to use QKD in network fashion.
SECOQC (SEcure COmmunication based on Quantum
Cryptography) network of secrets and BBN DARPA
(Defense Advanced Research Projects Agency) quantum
network are examples of such networks.
The DARPA Quantum Network was jointly elaborated by
researchers at Boston University, Harvard University,
and BBN Technologies in 2004 [3]. The goal of this point-
to-point DARPA Quantum network is to use QKD
technology for standard internet traffic. The DARPA
Quantum network is the first network that delivers end-
to-end network security via high-speed Quantum Key
Distribution, and it is tested that Network is immune
against sophisticated eavesdropping attacks. The first
network link has been up and steadily operational Since
December 2002 [4]. More detailed descriptions of DARPA
Quantum network may be found in papers [3-5].
The European project SECOQC was a big research
effort of 41 research and industrial organizations from the
European Union, Switzerland and Russia, which was
initiated in 2003 and carried out between April 2004 and
October 2008. The SECOQC provide an approach to QKD
networks with a focus on the trusted repeater prototype
[6]. Description about SECOQC can be found in papers
[7-9].
Other models and approaches in using QKD in
network fashion are introduced in the literature as [10-
13]. For example, in the article [11], the authors describe
how the ATM (Aeronautical Telecommunication
Network) can be secured by QKD, either by optical fiber
or free air.
A different approach is to exploit QKD in the existing
protocols which widely used on the internet to enhance
security with the main goal to attain unconditional
security. The papers [14-21] give some example of such
approach. In these papers the researchers present a
models and schemes to integrate QKD in classical
security protocols as IPsec, PPP and TLS.
Our work is related to this last approach. We present a
technique to integrate QKD in the EAP-TLS
authentication protocol in the order to enhance the
security of the authentication process.
26
3 THE EAP-TLS AUTHENTICATION PROTOCOL
3.1 The EAP-TLS Conversation: Base Case
While defined in [22], the EAP methods did not support
mutual authentication, the use of EAP with wireless
technologies has resulted in development of a new set of
requirements. As presented in [23], it is desirable for EAP
methods used for wireless LAN authentication to support
mutual authentication and key derivation. EAP-Transport
Layer Security (EAP-TLS) [2] as a solution includes
support for certificate-based mutual authentication and
key derivation, utilizing the protected ciphersuite
negotiation, mutual authentication and key management
capabilities of the TLS protocol [24].
We use the following terminology as it is noted in [2]:
Authenticator: The entity initiating the EAP authentication.
Peer: The entity that gives a response to the authenticator.
Backend authentication server: The entity that provides to
an authenticator an authentication service.
EAP server: The entity that terminates with the peer the
EAP authentication method. The EAP server is located on
the backend authentication server in the case where the
authenticator operates in pass-through mode.
As described in [2], the EAP-TLS conversation will
begin with the authenticator and the peer negotiating
EAP. The authenticator will send an EAP-
Request/Identity packet to the peer, and the peer will
respond with an EAP-Response/Identity packet,
containing the peer's user-Id. From this point forward, as
nominally the EAP conversation occurs between the EAP
authenticator and the peer, the authenticator may act as a
pass-through device, with the EAP packets received from
the peer being encapsulated for transmission to a backend
authentication server (EAP server). Fig. 1 describes the
EAP-TLS conversation in its base case.
The peer and the EAP server during the EAP-TLS
conversation must verify that the contents of messasges
are correct and thus check if the key exchange and
authentication processes were successful. This is done by
computing the TLS finished messages by the formula [24]:
PRF (master _ secret , finished _ label , MD 5(handshake _ messages ) 
SHA 1(handshake _ messages ))
Here PRF is a pseudo-random function defined in [23].
For finished_label, we use the string “server finished” for
the message sent by the EAP server and “client finished”
for that sent by the peer. MD5 [25] and SHA-1[26] are a
secure hashing functions. The handshake_messages
includes all handshake messages starting at client hello
up to, but not including, this TLS finished message. So,
the handshake_messages for the TLS finished message
sent by the peer will be different from that for the TLS
finished message sent by the EAP server, because the one
that is sent second will include the prior one. The
master_secret is defined by the formula [24]:
master _ secret  PRF ( pre _ master _ secret , "master secret " ,
Client .random Servero.random )
Client.random and Server.random are the random
numbers generated by the peer and the EAP server
respectively. The value of pre_master_secret is generated
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 27

by the mechanism of key exchange (such RSA [27] or

Diffie-Hellman [27]). The symbol “+” in preceding Code Identifier Length
formulas indicates concatenation.
Due to reasons of simplicity we treat in this paper only Type Flags TLS Message Length
the base case of the EAP-TLS conversation, the other cases
(Session Resumption, Termination, Privacy and TLS Message Length TLS Data...

Fragmentation) will be treated in a future work.

Fig. 2. The message format of EAP-TLS Authentication protocol [2]

Authenticating Peer Authenticator

The description of fields of The EAP-TLS Request and the
EAP-TLS Response packets format is as follows:
EAP-Request/
Code (1 octet): This field equal to 1 for the The EAP-TLS
Identity
Request and equal to 2 for the EAP-TLS Response.
EAP-Response/ Identifier (1 octet): This field aids in matching responses
Identity (MyID) with requests.
EAP-Request/ Length (2 octets): This field shows the length of the EAP
EAP-Type=EAP-TLS Packet.
(TLS Start) Type (1 octet): This field indicates 13--EAP-TLS.
Flags (1 octet): This field for EAP-TLS Request is different
EAP-Response/ from the one of EAP-TLS Response. For exemple the
EAP-Type=EAP-TLS
(TLS client_hello)
EAP-TLS’s Flags include a field of EAP-TLS start [2].
TLS Message Length (4 octets): This field gives the total
EAP-Request/ length of the TLS message or set of messages that is being
EAP-Type=EAP-TLS fragmented.
(TLS server_hello, TLS data (its length is not fixed): This field consists of the
TLS certificate, encapsulated TLS packet in TLS record format.
[T LS server_key_exchange]
TLS certificate_request,
TLS server_hello_done) 4 THE BB84 PROTOCOL
EAP-Response/
EAP-Type=EAP-TLS
Quantum Key Distribution is not employed to transmit
(TLS certificate, any message data; it is only used to produce and
TLS client_key_exchange, distribute a key K  {0,1} . With any chosen encryption
N

TLS certificate_verify,
TLS change_cipher_spec, algorithm, this key can then be used to encrypt and
TLS finished) decrypt a message, which can then be transmitted over a
EAP-Request/ standard communication channel.
EAP-Type=EAP-TLS The Quantum Cryptography protocol BB84 was the
(TLS change_cipher_spec, first studied and practical implemented QKD physical
TLS finished)
layer protocol. Gilles Brassard and Charles Bennett
elaborated this protocol in 1984 in their article [28]. This
EAP-Response/
protocol is certainly the most famous and most realized
EAP-Type=EAP-TLS
quantum cryptography protocol. Its scheme uses the
EAP-Success transmission of single polarized photons (as quantum
states). The photons’ polarizations are four, and are
grouped together in two non orthogonal basis.
Fig. 1. The EAP-TLS conversation [2] The two non-orthogonal basis are generally presented as
follows:
3.2 The EAP-TLS Request and the EAP-TLS - The horizontal (0°) and vertical polarization (+90°) form
Response Packets the base  , and we denote the base states with the
The EAP-TLS Request and the EAP-TLS Response intuitive notation: 0 and  1 . We have  = { 0 , 1 } .
packets format is shown in Fig. 2. The fields are - The diagonal polarizations (+45°) and (+135°) are the
exchanged from left to right.
elements of the base  . The two base states are  and
1 1
 with   ( 0  1 ) and    ( 0  1 ) . We
2 2

have  = {  ,  } .
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 28

The information (bits), taken from a random number | a |  | c |  1 ( | a | is the absolute square of the amplitude
2 2 2

generator, are associated with the basis as shown in Table

1. of a ). Measuring with the incorrect basis products a
random result, as predicted by quantum theory. So, if Bob

TABLE 1
chooses the  basis to measure a photon in state 1 , the
ASSOCIATION BETWEEN INFORMATION (BIT) AND THE BASIS IN traditional outcome will be either 0 or 1 with equal
THE BB84 PROTOCOL
1
probability because 1  (    ) ; if the  basis was
2
Bit  
chosen instead, the classical outcome would be exactly 1
0 0  a 00   a 10
because 1  1 1  0 0 .
1 1  a 01   a 11 In order to detect Eve, Alice and Bob test for
eavesdropping in step 2b). Wherever Alice and Bob’s bases
The BB84 protocol can be described as follows [19], [28- are identical (i.e. bi  bi' ), the idea is that, the
30]:
corresponding bits should match (i.e. d i  d i ). If not, an
'
1) Quantum Transmissions (First Phase)
a) Alice generates a random string of bits d  {0,1} , and a
n
external disturbance is detected or there is noise in the
quantum channel. By need of security we consider all
random string of bases b  {, } , with n  N . N is
n

disturbances are supposed to be caused by Eve.

the length of the final key.
b) Alice prepares a photon in quantum state aij for each
bi in b and d j in d as in Table 1, and sends it to Bob
over the quantum channel.
c) According to either  or  , chosen at random, Bob
measures each aij received from Alice. Bob’s
measurements produce a string noted d  {0,1} , while
' n
his choices of bases form b  {0,1} .
' n
2) Public Discussion (Second Phase)
a) For each bit di in d
i) Alice sends the value of bi to Bob over the classical
channel.
ii) By replying to Alice, Bob states whether he used the
same basis for the measurement. The both values of d i
and d i are discarded if bi  bi .
' '
b) Alice constructs a random subset of the remaining bits
in d and discloses their values to Bob over the classical
channel (over internet for example). If the result of Bob’s
measurements for any of these bits does not coincide
with the values disclosed, eavesdropping (Eve) is
detected and communication is aborted.
c) The common secret key K  {0,1} is the string of bits
N
5 INTEGRATION OF QUNTUM KEY DISTRIBUTION IN
THE EAP-TLS AUTHENTICATION PROTOCOL:
THE QKD-EAP-TLS PROTOCOL
5.1 Key Distribution in the EAP-TLS Protocol
The EAP-TLS Protocol uses the EAP-TLS conversation to
generate security parameters. This task is done by using
key distribution process. In description of EAP-TLS
conversation [2] the key distribution is limited to the only
both Diffie Hellman (DH) and RSA exchange protocol.
The problem is that DH and RSA are not unconditional
secure; their security is computational which means it
depends of the computation power or the time (or the
execution time). As example, the article [31] presents a
simulation which shows that RSA can be broken with
time.
By exploiting Quantum Cryptography, we tend to
achieve unconditional security because QKD is proven
scientifically to be unconditional secure. This means that
the security is independently of the power of the
eavesdropper and so the security will not menaced by the
technological advancement. For this reason we propose to
integrate Quantum Cryptography in the EAP-TLS
Authentication Protocol instead of DH or RSA key
exchange.
5.2 The modified EAP-TLS Conversation: Quantum

remaining in d once the bits disclosed in step 2b) are
removed.
To understand BB84 protocol it very important to
introduce how we measure a qubit in the field of quantum
physics; if we have a qubit in the state qubit  a b  c d
so the measure of this state in the basis { b , d } produces
2
the state b with the probability of | a | and the state of
2
d with the probability of |c| and of course
EAP-TLS Conversation
In QKD-EAP-TLS Protocol, we have added certain
changes in the EAP-TLS conversation. Our main objective
is to generate security parameters by the mechanism of
Quantum Cryptography and to remove all structure
based on PKI (Public Key Infrastructure).
First, we suppose the peer and the EAP server share a
secret noted S . Second, we have replaced in EAP-TLS
conversation the procedure of classical process of key
exchange (such RSA or DH) by the mechanism of
Quantum Cryptography using the BB84 protocol.
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 29

We give the modified EAP-TLS conversation the new We note that the Fig. 3 is valid if the peer received
name of Quantum EAP-TLS conversation. Fig. 3 EAP-Request from the EAP server before the end of BB84
summarizes how different messages are exchanged protocol. If the public discussion during the BB84 makes
between the peer and the EAP server during the the peer to send an EAP-Request than the schema after
Quantum EAP-TLS conversation. BB84 is illustrated in Fig. 4.
Because BB84 is vulnerable to “man in the middle”
attack [28], we verify if an eavesdropper is detected once
the execution of BB84 protocol is finished, by calculating The BB84 protocol
the TLS finished in both sides of the peer and the EAP
server. This is achieved by using the shared secret S and EAP-Request/
the key K derived from the current execution of the EAP-Type=EAP-TLS
BB84 Protocol. (TLS change_cipher_spec,
During the Quantum EAP-TLS conversation and when TLS finished)
the peer receives the TLS server_hello, it sends to the EAP
EAP-Response/
server a series of polarized photons. The number of EAP-Type=EAP-TLS
polarized photons to be send depends on the length of the (TLS change_cipher_spec,
desired key. For each photon to be transmitted, the peer TLS finished)
randomly chooses a state aij . The remaining steps (the
EAP-Success
phase of public discussion) are exactly the same as it has
described in section 4.
Fig. 4. Message flow for the Quantum EAP-TLS conversation if the
peer sends a EAP-Request before the end of the BB84 protocol.

Authenticating Peer Authenticator

5.3 Packet Format of BB84’s Public Messages in
Quantum EAP-TLS conversation
EAP-Request/
Identity In quantum EAP-TLS conversation, all the public
messages exchanged during the BBB4 are encapsulated in
EAP-Response/ EAP-Response and in the EAP-Request packets of EAP-
Identity(MyID)
Type=EAP-TLS in both sides of the peer and the EAP
EAP-Request/ server.
EAP-Type=EAP-TLS To facilitate the implementation of our novel scheme of
(TLS Start) QKD-EAP-TLS authentication protocol (including the
service of Quantum Cryptography) we add new fields to
EAP-Response/
EAP-Type=EAP-TLS the EAP-TLS Response and the EAP-TLS Request packets
(TLS client_hello) to all public messages of the BB84 protocol. These fields
play the role of the configuration of the service of
EAP-Request/ Quantum Cryptography.
EAP-Type=EAP-TLS The packet format contains an important field of the
(TLS server_hello,
length of the key which will be generated by the
TLS server_hello_done)
mechanism of QKD. Others filed are shown in the Fig. 5.

The BB84 protocol Code Identifier Length

Key-Lenght

EAP-Response/ Type Flags TLS Message Length

EAP-Type=EAP-TLS
TLS change_cipher_spec, TLS Message Length TTL T TLS Data...
TLS finished)
EAP-Request/
EAP-Type=EAP-TLS Fig. 5. The message format of the EAP-TLS Response and the EAP-
(TLS change_cipher_spec, TLS Request during the public messages of the BB84.
TLS finished)
EAP-Response/ The description of the new fields of the message
EAP-Type=EAP-TLS format of both the EAP-TLS Requst ant the EAP-TLS
Response is as follows:
EAP-Success
Key-length (4 octets): this field gives the length of the key
provided by the execution of the BB84 protocol. Its length
is between 1 and 4 octets. The length of the key is so huge
Fig. 3. The Quantum EAP-TLS conversation in order to use the One Time Pad [27] to achieve
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
unconditional security because the length of the key in
this case must be equal to data which will be encrypted
[32].
TTL field (2 octets minus one bit): this field provides an
amount of time (in seconds) or the number of messages
when a key could be used in authentication process. If the
max of messages is reached or the time is expired, the
mechanism of QKD started to generate a new key.
T field (one bit): this field indicates if we use the amount of
time or the number of messages. When its value is “0”,
the TTL filed corresponds to the number of messages and
when its value is “1”, the TTL filed shows an amount of
time.
5.4 The QKD-EAP-TLS Authenticaton Protocol in
Operation Mode
Our objective is to exploit the mechanism of QKD in
the process of authentication. We use the key
generated by BB84 protocol with the secret S in the
expression of pre_master_key presented in formula of
calculation of master_secret which used in calculation
of the TLS finished and so we check the mutual
authentication of the peer and the EAP server.
In operating mode, the QKD-EAP-TLS
authentication protocol begins its execution as in Fig. 3
or Fig. 4. During the BB84 protocol, the peer sends to
the EAP server the first packet fixing the fields of Key-
Length, TTL, and T. Then both the peer and the EAP
server start the BB84 protocol to derive a key K which
its is guaranteed by the laws of quantum physics.
As the BB84 protocol is vulnerable to “man in the
middle” attack, so to check if the mutual
authentication is established correctly, the peer and the
EAP server must calculate the TLS finished message
using the shared secret S and the key generated by the
processus of QKD, K  {0.1} , We propose:
N the same secret S . To impove the security of QKD-EAP-
pre _ master _ sec ret  K  S
The TLS finished is calculated as described in section 3 by
the expression:
PRF  master _ secret , finished _ label , hash  handshake _ messages  
We remark that the calculation of TLS finished uses the
key generated by QKD because we have for our QKD-
EAP-TLS protocol:
master _ sec ret  PRF ( pre _ master _ sec ret , “master sec ret ”,
ClientHello.random  ServerHello .random )
It is very important to note that in the all public messages
exchanging during the executions of BB84 protocol are
part of the value of the handshake_messages
Once the EAP server receives the TLS finished message
from the peer, it calculates its own TLS finished and
verifies whether it is the same as that of the peer or not; if
yes, then the peer is successfully authenticated. The same
operation is done by the peer when it receives the TLS
finished from the EAP server. We conclude that the
mechanism of QKD is exploited in checking the mutual
30
authentication between the peer and the EAP server.
In the next connection between the peer and the EAP
server we change the secret shared S by K : S  K and so
any key generated by the BB84 protocol will play the role of
S in the next connection. This improves the security by
modifying S at any connection because this makes the task
of discovering S by an eavesdropper very hard.
5.5 Example of Implementation of the QKD-EAP-
TLS Authenticaton Protocol
We present in this section an example of implementing
the QKD-EAP-TLS authentication protocol.
Some requirements must be satisfied to this
implementation:
a) An optical channel: Quantum Cryptography uses
photons to encode information to exploit the laws of
quantum physics. Actually, there are two mediums to
transport photons: the optical fiber or free space [33]. We
choose the free space because we integrate QKD in
wireless environment.
b) Optical modem: the modem can play the role of emitter
of photons and detector. The objective of the optical
modem is to detect and to send photons. The modem has
to include a photon emitter and a photon detector and
also polarizer to encode data using different values of
polarization as quantum states. It is used to provide
quantum key but also can be used to exchange data
depending on the method of encoding information. The
modem is very important because it can include the both
roles of classical and quantum channel. There are many
techniques employed to elaborate such modem [34]-[35].
Let two LAN networks connected via two optical
modems as illustrated in Fig. 6. We suppose that the two
points A (peer) and B (EAP server) have the possession of
TLS connection between A and B using QKD, four phases
must be done:
Phase 1: As in Fig. 3 or Fig. 4 the points A and B execute
all steps before the begining of the BB84 protocol.
Phase 2: during the BB84 protocol, the peer (A) sends the
first packet and by the way it fixes the value of the new
fields: Key-Length, TTL and T. we propose these choices:
Key-Length= 40 bits, TTL= 400 messages and T=0. We
must choose TTL=1 if we plan to use One Time Pad to
attain unconditional security. Once theBB84 is finished,
the key K generated is stored in flash memory in both
sides of A and B.
Phase 3: Both A and B calculate TLS finished message to
check the authentication by using the key K and the
secret S as in paragraph 5.4).
Phase 4: Once the Quantum EAP-TLS conversation is
achieved, we change the the secret S by K ( S  K ) and
the new shared secret between the peer and the EAP
server is K .
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG
Network C
Optical modem
B Free space
A [11]
Network D
Fig. 6. An example of using QKD-EAP-TLS authentication protocol.
6 CONCLUSION
A novel scheme of EAP-TLS authenticaton protocol based
on QKD is presented in this paper. We have introduced a
Quantum EAP-TLS conversation which enhances the
security of the EAP-TLS Protocol; the mechanism of key
distribution is established by QKD instead of the classical
key distribution as RSA or Diffie-Hellman. Our new
scheme of QKD-EAP-TLS authentication protocol
includes the following advantages:
-During the Quantum EAP-TLS conversation, the
messages exchanged become simpler. We needn’t
certificates and the infrastructure of PKI is removed.
-The secret shared S is modified at each new connection.
This deeply improves the security.
-Our scheme does not need to contruct or to build new
quantum devices. The optical modem is composed of
standard already existing components as the single
photon source and photon detector. Several companies
and organization are already using the optical fiber.
Therefore, companies can use the existing infrastructure
to generate keys by the service of Quantum
Cryptography.
REFERENCES
[1] Bennett, C.H., et al.: ‘Experimental quantum cryptography’, J. Cryptol.,
1992, 5, pp. 3–28
[2] D. Simon, B. Aboba,R. Hurst, "The EAP-TLS Authentication Protocol",
RFC 5216, march 2008.
[3] Elliott, C., “The DARPA Quantum Network”, Quantum
Communications and Cryptography, 2006.
[4] C. Elliott, D. Pearson, G. Troxel, “Quantum Cryptography in Practice,”
Proc. ACM SIGCOMM 2003.
[5] C. Elliott, “Building the quantum network,” New J. Phys. 4 (July 2002)
46.
[6] M Peev and al, " The SECOQC quantum key distribution network in
Vienna”, New Journal of Physics 11 (2009) 075001.
[7] Mehrdad Dianati, R.A., Maurice Gagnaire, Xuemin (Sherman) Shen,
Architecture and protocols of the future European quantum key
distribution network. Security and Communication Networks, 2008.
1(1): p. 57 - 74.
[8] Poppe, A., M. Peev, and O. Maurhart, Outline of the SECOQC
quantum-keydistribution network in Vienna. International Journal of
Quantum Information, 2008. 6(2): p. 209-218.
[9] Alleaume, R., et al., SECOQC White Paper on Quantum Key
31
Distribution and Cryptography. Arxiv preprint quantph/ 0701168,
2007.
[10] Khan, M.M., et al., A Quantum Key Distribution Network through
Single Mode Optical Fiber. Proceedings of the International
Symposium on Collaborative Technologies and Systems, 2006: p. 386-
391.
Le, Q.C. and P. Bellot, Enhancement of AGT Telecommunication
Security using Quantum Cryptography. Research, Innovation and
Vision for the Future, 2006 International Conference on, 2006: p. 7-16.
[12] Kimble, H.J., The quantum internet. Nature, 2008. 453(7198): p. 1023.
[13] Gisin, N. and R. Thew, Quantum communication. NATURE
PHOTONICS, 2007. 1(3): p. 165.
[14] Nguyen, T.M.T., M.A. Sfaxi, and S. Ghernaouti-Hélie, 802.11 i
Encryption Key Distribution Using Quantum Cryptography.
JOURNAL OF NETWORKS, 2006. 1(5): p. 9.
[15] Ghernaouti-Helie, S. and M. Sfaxi, Upgrading PPP security by
quantum key distribution. NetCon 2005 conference, 2005.
[16] Ghernaouti-Helie, S., et al., Using quantum key distribution within
IPSEC to secure MAN communications. MAN 2005 conference, 2005.
[17] Ghernaout-Helie, S. and M.A. Sfaxi, Applying QKD to reach
unconditional security in communications.
[18] Rass, S., et al., Secure Message Relay over Networks with QKD-Links.
Quantum, Nano and Micro Technologies, 2008 Second International
Conference on, 2008: p. 10-15.
[19] M. Elboukhari, Mostafa Azizi, and Abdelmalek Azizi, “Integration of
Quantum Key Distribution in the TLS Protocol”, IJCSNS, Vol. 9 No. 12
pp. 21-28, 2009. http://paper.ijcsns.org/07_book/200912/20091204.pdf
[20] M. Elboukhari, M. Azizi, A. Azizi, “implementation of an extension of
CHAP protocol based on quantum cryptpgaphy”, Journal of
Telecommunications, VOL. 3, Issue 1,pp 84-89, June 2010.
http://sites.google.com/site/journaloftelecommunications/v1-i1-p1-
5/V3-I1-P84-89.pdf
[21] M. Elboukhari, M. Azizi, A. Azizi, “Improving TLS Security By
Quantum Cryptography”, IJNSA, Vol 2, Number 3, pp. 87-100, july
2010. http://airccse.org/journal/nsa/0710ijnsa06.pdf
[22] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. Levkowetz, Ed.,
"Extensible Authentication Protocol(EAP)", RFC 3748, June 2004.
[23] Stanley, D., Walker, J., and B. Aboba, "Extensible Authentication
Protocol (EAP) Method Requirements for Wireless LANs", RFC 4017,
March 2005.
[24] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol
Version 1.1", RFC 4346, April 2006.
[25] Rivest, R., "The MD5 Message-Digest Algorithm ", RFC 1321, April
1992.
[26] NIST FIPS PUB 180-2, "Secure Hash Standard," National Institute of
Standards and Technology, U.S. Department of Commerce., August
2001.
[27] B. Schneier. Applied Cryptography Second Edition : protocols,
algorithms, and source code in C. J. Wiley & Sons, Inc., 1996.
[28] C. H. Bennett and G. Brassard, “Quantum cryptography: Public key
distribution and coin tossing,” in Proc. IEEE Int. Conf. Computers,
Systems and Signal Processing, New York, Bangalore, India, 1984, pp.
175–179.
[29] M. Elboukhari, Mostafa Azizi, and Abdelmalek Azizi, “Quantum Key
Distribution Protocols: A Survey”,IJUCS International Journal of
Universal Computer Sciences, Vol. 1, Issue 2. pp. 59-67, March 2010.
http://www.hypersciences.org/IJUCS/Iss.2-2010/IJUCS-2-2-2010.pdf
[30] M. Elboukhari, Mostafa Azizi, and Abdelmalek Azizi, “Achieving
unconditional security by quantum cryptography”, UBICC Ubiquitous
Computing and Communication Journal, Vol. 5. Forthcoming Issue -
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 9, SEPTEMBER 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 32

2010 http://www.ubicc.org/files/pdf/Chapter_UBICC_490.pdf
[31] M. Elboukhari, M. Azizi, A. Azizi, “Implementation of secure key
distribution based on quantum cryptography”, in Proc. IEEE Int. Conf
Multimedia Computing and Systems (ICMCS’09), page 361 - 365, 2009.
[32] Shannon, C.E (1949). ”Communication theory of secrecy systems”. Bell
System Technical Journal 28-4. URL:
http://www.cs.ucla.edu/jkong/research/security/shannon.html
[33] Hughes,J.Nordholt,D.Derkacs,C.Peterson, (2002). ”Practical free-space
quantum key distribution over 10km in daylight and at night”. New
journal of physics 4 (2002)43.1-43.14.URL:
http://www.iop.org/EJ/abstract/1367-2630/4/1/343/
[34] Idquantique : www.idquantique.com
[35] magiQ www.magiqtech.com
Mohamed Elboukhari received the DESA (diploma of high study)
degree in numerical analysis, computer science and treatment of
signal in 2005 from the University of Science, Oujda, Morocco. He is
currently a PhD student in the University of Oujda in the field of
computer science. His research interests include cryptography,
quantum cryptography and wireless network security.

Mostafa Azizi received his diploma of State engineer in Automation

and Industrial Computing in 1993 from the Mohammadia’s School of
engineers at Rabat (Morocco) and obtained his PH.D in Computer
Science in 2001 from the Université de Montréal (DIRO-FAS) at
Montreal (Canada). He is currently professor at the University of
Oujda (Morocco). He teaches several courses in the domain of
computer science such as OOP, IA, RT-systems, Distributed
Systems, TCP/IP, WEB, and Computers Security. He also supervises
a number of Master/PH.D students. His research interests include:
Verification/Coverification of real-time and embedded systems, Data
communication and security, and Computer-aided management of
industrial processes.

Abdelmalek Azizi obtained his first Doctorate in Number Theory in

1985 from the Mohammed Vth University at Rabat (Morocco). He
then obtained a Ph.D. in the same domain in 1993 from the Laval
University at Quebec (Canada). Since this date, he supervises the
organization of the Doctoral studies in the research area of class
field Theory and its Cryptography applications at the Mohammed
First University at Oujda (Morocco). Currently, he is the head of the
ACSA Research Laboratory (Arithmetic, Scientific Computation and
Applications) at the Mohammed First University at Oujda (Morocco).
His research interests are in several fields such as History of
Mathematics and Cryptography in Morocco, Class Field Theory and
its Applications to Cryptography and the Mathematical Didactics...